Re: SSH key algorithm updates

[Stephen Farrell <stephen.farrell%cs.tcd.ie@localhost>]

On 30/10/15 21:43, Jeffrey Hutzelman wrote:
> On Fri, 2015-10-30 at 21:36 +0000, Stephen Farrell wrote:
>>
>> On 30/10/15 18:12, Jeffrey Hutzelman wrote:
>>> Agreed.  In fact, we probably should undertake a general updating of
>>> recommended and required crypto algorithms across the protocol. 
>>
>> If there's general support for this, then I'd be happy to
>> try shift any annoying IETF bureaucracy out of the way. That
>> could mean forming a short-lived wg or me AD sponsoring a
>> single document if that's all that's needed. I'm happy to
>> help with either approach.
> 
> 
> I imagine that we could do it with an AD-sponsored document and an
> extended IETF last call.  No need to spin up a WG, I hope.

Yeah, if it's just algo updates, that seems right. I guess we
should see if folks have another list of things they'd like to
do though - if there were then that might justify a wg, but if
not, then AD sponsored is much quicker/simpler.

> 
> I admit I haven't been paying attention; what's the plan for SHA3?

Not sure there's a general plan. There does seem to be a general
disinterest;-)

> Should we be thinking about a set of documents to define SHA3-based key
> exchange, public key, and MAC algorithms for SSH?

Personally, I'm not that keen on defining stuff that might not
get widespread use, but that kind of opinion seems to vary from
protocol to protocol, and from one set of folks to another. So
I'm not sure what folks here think.

Deprecating old stuff to the extent we can OTOH, I'm quite keen
on that:-)

Cheers,
S.


S.

> 
>